Introducing Clawkeeper—AI Agent Security for Production

Learn More
RAD Security
PlatformIntegrations
Free Trial
RAD Security

AI Detection and Response platform with behavioral runtime insights.

Why RAD?

  • For Enterprises
  • For MSSP's
  • Platform
  • Integrations

Use Cases

  • AI Detection and Response
  • Threat Hunting & Investigations
  • Security Orchestration and Automation
  • Behavioral Workload Threat Detection
  • Cloud Security Posture Management
  • Vulnerability Management

Resources

  • Resource Center
  • Blog
  • Documentation

Company

  • About
  • Contact
  • Partners
  • Press
  • Careers

© 2026 RAD Security. All rights reserved.

Privacy PolicyTerms of ServiceTrust Center
Here’s What the Verizon DBIR Tells Us, and How RAD Security Can Help
Back to Blog
Detection And Response

Here’s What the Verizon DBIR Tells Us, and How RAD Security Can Help

RS

RAD Security

·June 27, 2025·3 min read

Evolving Threats Require Faster, Smarter Response

The latest Verizon Data Breach Investigations Report paints a sobering picture for defenders. Ransomware is surging, edge devices are getting hammered, and attackers are bypassing MFA using increasingly clever social engineering techniques. More than half of all breaches start with human error, and the rise of unsanctioned GenAI usage is creating a new class of threats most organizations are unprepared for.

RAD Security is uniquely positioned to help security teams respond to these evolving risks. By combining real-time detection, behavioral analysis, and agentic automation, RAD enables teams to move faster, focus on what matters, and cut through the noise.

Initial Access and Infostealer Trends

One of the most important sections in this year’s DBIR is the breakdown of how attackers are getting in. Stolen credentials were responsible for 22 percent of initial access incidents, followed closely by vulnerability exploitation and phishing. The report also highlights a major increase in the use of infostealers to harvest secrets from public repos and developer environments. RAD tackles these issues head-on. Our Cloud-Aware Detection and Response (CADR) platform identifies compromised secrets across code, runtime, and cloud systems, and can automatically revoke or rotate them. Combined with our agentic SOAR, teams can respond immediately to signs of credential abuse or infostealer behavior without waiting on manual triage.

Ransomware and Lateral Movement Detection

The report also flags a major jump in ransomware, now present in 44 percent of breaches. Small organizations are hit hardest, but even large enterprises are not immune. At the same time, espionage-related incidents are rising, with sophisticated actors targeting vulnerable edge services. RAD addresses both problems by analyzing workload behavior in real time, detecting early signs of lateral movement and ransomware staging. We do not just stop at detection. Our automation engine can initiate preemptive containment steps, like isolating risky assets or flagging suspicious identity activity, all with minimal human intervention.

The Growing Impact of Human Error and Shadow AI

Another clear trend in the DBIR is the growing role of the human element in security failures. Sixty percent of breaches involve some form of user error, misconfiguration, or misuse. Shadow AI usage is a particularly timely concern. Fifteen percent of employees are using GenAI tools like ChatGPT from corporate devices, often in insecure or unsanctioned ways. RADBot detects and governs AI activity in real time. It flags when sensitive data flows through external LLMs and helps enforce policy without disrupting innovation. Combined with CADR, we can surface risky patterns like unsanctioned AI model use or prompt injection threats, so security teams stay ahead of emerging attack vectors.

Keep Reading

Related Articles

Continue reading with these related posts.

Introducing the New RAD Platform & RAD FusionAI
Ai Powered Security

Introducing the New RAD Platform & RAD FusionAI

The new RAD Platform connects every part of your security stack through a shared reasoning core. Built from customer feedback, it keeps context intact and turns investigation into action—security that explains itself.

RAD Security·Nov 5, 2025
Read
From RAGs to Riches: Supercharging Detection Engineering with Retrieval Augmented Generation
Detection And Response

From RAGs to Riches: Supercharging Detection Engineering with Retrieval Augmented Generation

Cloud Detection Engineers battle alert fatigue and coverage gaps. RAD Security leverages Retrieval Augmented Generation for smarter detection engineering.

Jimmy Mesta·Nov 26, 2024
Read
Cloud Attacks

5 Essential Cyber Security Defenses to Protect the 2024 Presidential Election

Securing elections in the digital age is more than just safeguarding databases; it’s about ensuring that every citizen's voice is heard without interference. There are 10 cyber security threats teams should prepare for before the 2024 election.

RAD Security·Oct 23, 2024
Read

Lagging Remediation and Unchecked Integrations

The DBIR also reveals that vulnerabilities in edge-facing infrastructure are not being addressed quickly enough. The average remediation time is over a month, and nearly one in three known issues remain open. RAD constantly monitors runtime and cloud perimeter environments for unpatched systems or risky configurations. Our SOAR capabilities can auto-initiate remediation workflows or reroute traffic from exposed services until the underlying issue is resolved.

Third-party risk has also doubled since last year, now accounting for 30 percent of breaches. Misused credentials in cloud platforms like Snowflake show how much damage a poorly secured integration can cause. RAD gives teams visibility into cloud-to-cloud relationships and can automatically test third-party services for issues like token persistence, lack of MFA, or unsafe permission scopes.

Closing the Gap Between Risk and Response

Perhaps most importantly, RAD aligns to the broader patterns in the DBIR through automated, intelligent workflows. Our platform can detect and remediate leaked credentials, block ransomware behavior before encryption, flag unauthorized GenAI activity, and generate explainable, audit-ready reports. Every part of our system is built to help lean security teams reduce exposure, accelerate response, and make smart decisions backed by context, not just alerts.

The DBIR tells us where the security world is falling short. RAD shows how to close the gap. With real-time behavioral detection, built-in cloud visibility, and agentic automation that actually works, RAD gives modern security teams the tools they need to meet today’s threats with speed and confidence.

‍

Verizon DBIRRAD Securityransomwarecredential theftinfostealersGenAI securitycloud detection and responseSOARPII monitoringruntime security
RS

Written by

RAD Security